A password evaluation engine used to evaluate a user's password that redefines the concepts of password complexity and password strength is discussed. Password complexity may be calculated by the evaluation engine so as to take into account the amount of knowledge possessed by a potential attacker, seeking to crack the password, of the rules corresponding to a rule set used for generating the password. A determination of password strength by the evaluation engine may consider a potential attacker's computational resources, the protection function used to protect/store a password and the amount of time available to the attacker to crack the password with respect to an identified search space based on the attacker's knowledge. Embodiments also enable a password strength estimator to be evaluated and policy recommendations to be generated for an entity's password policy requirements.

A method and device for realizing a verification code are provided. In some embodiments, a character verification code is obtained and displayed when it is determined to perform identity verification. The character verification code has an incorrect character based on a priori knowledge. The user is prompted to input a correct character corresponding to the incorrect character in the character verification code. Verification information is received. It is determined that the verification is successful when the verification information corresponds to the correct character of the prior knowledge; otherwise, the verification failed.

Methods and apparatus to validate and restore machine configurations are disclosed herein. An example apparatus includes a context identifier to obtain first context information for a first set of configuration update events occurring on a computing device, a guest agent interface to transmit the first set of configuration update events to a security manager for generation of a policy, the policy including allowable configuration update events and responses to unallowable configuration update events, an event comparator to compare second context information of a subsequent configuration update event obtained by the context identifier to the policy received from the security manager, and an event handler to determine, when the subsequent configuration update event is not included in the policy, that the subsequent configuration update event is to be transmitted to the security manager for generation of an updated policy.

Methods and apparatus to validate and restore machine configurations are disclosed herein. An example apparatus includes a context identifier to obtain first context information for a first set of configuration update events occurring on a computing device, a guest agent interface to transmit the first set of configuration update events to a security manager for generation of a policy, the policy including allowable configuration update events and responses to unallowable configuration update events, an event comparator to compare second context information of a subsequent configuration update event obtained by the context identifier to the policy received from the security manager, and an event handler to determine, when the subsequent configuration update event is not included in the policy, that the subsequent configuration update event is to be transmitted to the security manager for generation of an updated policy.

A method and device for realizing a verification code are provided. In some embodiments, a character verification code is obtained and displayed when it is determined to perform identity verification. The character verification code has an incorrect character based on a priori knowledge. The user is prompted to input a correct character corresponding to the incorrect character in the character verification code. Verification information is received. It is determined that the verification is successful when the verification information corresponds to the correct character of the prior knowledge; otherwise, the verification failed.

A hierarchy of object groups is defined. Objects group collections are defined on top of the hierarchy. Authorization rights for executing actions are defined through the object group collection definitions. A request for a change associated with assignments of an object group in a hierarchy of a plurality of object groups may be received, where the assignments are related to object group collections. A change trigger is stored at an explosion update trigger table. The change trigger is stored synchronously with updating definitions of the object group collections and/or updating the hierarchy organization. The explosion update trigger table is processed to determine changes for the explosion table. The change trigger may be processed together with one or more other triggers associated with the object group. The explosion table is updated to reflect changes to the object group and other object groups hierarchically inherent for the object group.

A password evaluation engine used to evaluate a user's password that redefines the concepts of password complexity and password strength is discussed. Password complexity may be calculated by the evaluation engine so as to take into account the amount of knowledge possessed by a potential attacker, seeking to crack the password, of the rules corresponding to a rule set used for generating the password. A determination of password strength by the evaluation engine may consider a potential attacker's computational resources, the protection function used to protect/store a password and the amount of time available to the attacker to crack the password with respect to an identified search space based on the attacker's knowledge. Embodiments also enable a password strength estimator to be evaluated and policy recommendations to be generated for an entity's password policy requirements.

In an embodiment, a system includes a processor and a non-volatile storage device. The non-volatile storage device may include a stored firmware program and a firmware loader. The firmware loader may be executable by the processor to read a first instruction of the stored firmware program; and generate, based on the first instruction, a set of runtime instructions to be included in a runtime firmware program, where the stored firmware program and the runtime firmware program are composed in a same programming language. Other embodiments are described and claimed.

Methods and apparatus to validate and restore machine configurations are disclosed herein. An example apparatus includes a context identifier to obtain first context information for a first set of configuration update events occurring on a computing device, a guest agent interface to transmit the first set of configuration update events to a security manager for generation of a policy, the policy including allowable configuration update events and responses to unallowable configuration update events, an event comparator to compare second context information of a subsequent configuration update event obtained by the context identifier to the policy received from the security manager, and an event handler to determine, when the subsequent configuration update event is not included in the policy, that the subsequent configuration update event is to be transmitted to the security manager for generation of an updated policy.

Methods and apparatus to validate and restore machine configurations are disclosed herein. An example apparatus includes a context identifier to obtain first context information for a first set of configuration update events occurring on a computing device, a guest agent interface to transmit the first set of configuration update events to a security manager for generation of a policy, the policy including allowable configuration update events and responses to unallowable configuration update events, an event comparator to compare second context information of a subsequent configuration update event obtained by the context identifier to the policy received from the security manager, and an event handler to determine, when the subsequent configuration update event is not included in the policy, that the subsequent configuration update event is to be transmitted to the security manager for generation of an updated policy.